help virus experts

Discussions about anything Computer Hardware Related. Overclocking, underclocking and talk about the latest or even the oldest technology. PCA Reviews feedback
Post Reply
grumpy 1
Senior Member
Posts: 118
Joined: Wed Nov 21, 2001 6:08 pm

help virus experts

Post by grumpy 1 »

Im having a hell of a ttime getting rid of a virus of opaserve from a windows me machine
Ive have found filles called brasil.pif and marco .scr deleted as many keys as i could find from the registry
I deleted system restore all together because that just kept sticking the viruses back
Initially pc cillin wont let me install it because it warns me of a virus so i have to clean it up
I install pc-cillin and update it and its cllear uninstall pc-cillin and put norton 2003 on and update it and it says its clear
Restart the computer and still all clear as soon as i connect to the internet i get a virus warning of a virus in c cdrive opa serve brasil.pif scrnsvr .exe within minutes of being connected to the net they re back
I read that there can be a ini file that connects to a web site that rebuilds the virus but im dammed if i can find it

Man this is driving me bonkers

Cheers
Top
blade
Posts: 9113
Joined: Wed Nov 22, 2000 1:56 am
Location: LV-426
Contact:
Contact blade

Post by blade »

Looks like a nasty one.

A lot on it here:
http://securityresponse.symantec.com/av ... .worm.html

Scroll down for removal instructions and removal tool:
http://securityresponse.symantec.com/av ... .tool.html

This patch is suppose to prevent future infections:
http://www.microsoft.com/technet/securi ... 00-072.asp

Good luck. :)

Post back if that helps or not.



Free online virus scan:
http://housecall.trendmicro.com/
[align=center]<img src="http://www.statgfx.com/statgfx/folding/?&username=blade&border=0,0,64&custom=21,138,255&label=79,79,255&header=149,202,255&stats=0,255,255&bgcolor=0,0,181&trans=no&template=fah_original&.jpg" alt="www.Statgfx.com" />
<img src="http://www.pcabusers.org/funnies/monkey2.gif">
<i><small>"Too much monkee business"</i></small>[/align]
Top
User avatar
FlyingPenguin
Flightless Bird
Posts: 33162
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida
Contact:
Contact FlyingPenguin

Post by FlyingPenguin »

ALWAYS read the security bulletin on a virus. Just cleaning and deleting a reference in the startup registry won't do. Many of the new ones (like this one) back themselves up and restore themselves from a safe place when you reboot.

When it's a complex virus there's usually a free removal tool available (like this one). Follow the instructions with the removal tool explicitly - in the case of ME and XP you must disable System Restore before using the tool for example, and most of these viruses will restore themselves from network shared so you usually need to disconnect the computer from the network.
---
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez

Image
Top
grumpy 1
Senior Member
Posts: 118
Joined: Wed Nov 21, 2001 6:08 pm

virus

Post by grumpy 1 »

I have followed symantec s removal advice i can clean the thing up the way they explain and use there removal tool but when i go back on the net bam it reinfesyts the computer
From what i understand there is a file that connects to a opaserve server and when you go online it makes it trigger again but im dammed if i can find such a file

Grrr
Top
Post Reply

Return to “General Hardware”